CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

RedhatCVE•added 2025/05/22 11:2 p.m.•7 views

CVE-2022-35540

Hardcoded JWT Secret in AgileConfig 1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access...

9.8CVSS7.1AI score0.00557EPSS

Exploits0References1

Circl•added 2022/08/19 2:23 a.m.•2 views

CVE-2022-35540

creationtimestamp| type| source ---|---|--- 2022-08-19 02:23:12+00:00| seen| https://t.me/cibsecurity/48421...

9.8CVSS7.2AI score0.00557EPSS

Exploits0References1

NVD•added 2022/08/18 11:15 p.m.•11 views

CVE-2022-35540

Hardcoded JWT Secret in AgileConfig 1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access...

9.8CVSS0.00557EPSS

Exploits0References1

OSV•added 2022/08/18 11:15 p.m.•9 views

CVE-2022-35540

Hardcoded JWT Secret in AgileConfig 1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access...

9.8CVSS9.6AI score

Exploits0References1

Cvelist•added 2022/08/18 10:17 p.m.•15 views

CVE-2022-35540

Hardcoded JWT Secret in AgileConfig 1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access...

9.8AI score0.00557EPSS

Exploits0References1

CVE•added 2022/08/18 10:17 p.m.•463 views

CVE-2022-35540

CVE-2022-35540 concerns AgileConfig prior to 1.6.8 where a hard-coded JWT secret in the server enables remote attackers to forge a token and gain administrator access. The issue, documented across multiple sources (Red Hat, GHSA, OSV, NVD), attributes the root cause to an inline secret, allowing ...

9.8CVSS9.5AI score0.00557EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by